Skip to main content

python package for jaccount oauth

Project description

python-oauth-jaccount

Installation

pip install oauth-jaccount

Or add oauth-jaccount into requirements.txt.

Usage (Example)

from oauth_jaccount import JaccountClient

client = JaccountClient(client_id="client_id", client_secret="client_secret")

# Suppose you are using flask-like web framework
from flask import redirect, session
from your_great_project import app

# The redirect url must be the same in both authorization and get_token!
REDIRECT_URL = "https://example.com/jaccount/auth"

# This route is used by user
@app.get("/jaccount/login")
def jaccount_login():
    url, state = client.get_authorize_url(REDIRECT_URL)
    # url is the redirect url sent to the browser
    # state is a random string, you can save it to verify the client request
    
    # (optional but more secure) save the state in session
    session['jaccount_state'] = state
    
    return redirect(url)

# This route is used by jaccount server 
# We set it in REDIRECT_URL so that the server can redirect the browser to it 
# The server will send back the random state and a code
@app.get("/jaccount/auth")
def jaccount_auth(state: str, code: str):
    # (optional but more secure) verify the state in session
    if state != session.get('jaccount_state', ''):
        return redirect("url after login error")
        
    access_token, refresh_token, id_token = client.get_token(code, REDIRECT_URL)
    # access_token is used for api calls (has an expire time)
    # refresh_token can get a new access_token with refreshed expire time
    
    # id_token is a dict (parsed from jwt) with the basic information of a user
    # the format is defined by
    # {
    #   aud: str   # client_id
    #   iss: str   # 'https://jaccount.sjtu.edu.cn/oauth2/'
    #   sub: str   # jaccount username
    #   exp: str   # expiration time (UNIX epoch)
    #   iat: str   # issue time (UNIX epoch)
    #   name: str  # real name
    #   code: str  # seems empty?
    #   type: str  # jaccount type (student/faculty/alumni)
    # }
    
    # usually id_token is enough for your application
    # If you want to call other jaccount apis, you can use
    result = client.call_rest_api(access_token, JaccountClient.API.PROFILE)
    # most jaccount id/secret can only access a limited range of apis (e.g., API.PROFILE)
    # the API list in JaccountClient.API is copied from an old version of jaccount documentation
    # they are not guaranteed to work properly in the future
    
    return redirect("url after login")

# This route is used by user, use it to clear jaccount cookies
# If you do not logout the user before new user login,
# there will be a problem: since the cookies are not cleared, 
# the jaccount server will induce that the previous user is still active,
# so that the username/password page will be skipped and the previous user logins directly
@app.get("/jaccount/logout")
def jaccount_logout():
    # note that this redirect_url is usually different from REDIRECT_URL
    redirect_url = "url after logout"
    url = client.get_logout_url(redirect_url)
    return redirect(url)

Advance Usage

get_token and call_rest_api have more flexible version: get_token_url and get_rest_api_url. You can use them to get the corresponding urls if you want to call them by yourselves (e.g., use aiohttp to make async requests).

You may check the source code for details.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

oauth_jaccount-0.1.5.tar.gz (5.0 kB view details)

Uploaded Source

Built Distribution

oauth_jaccount-0.1.5-py3-none-any.whl (4.8 kB view details)

Uploaded Python 3

File details

Details for the file oauth_jaccount-0.1.5.tar.gz.

File metadata

  • Download URL: oauth_jaccount-0.1.5.tar.gz
  • Upload date:
  • Size: 5.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.5.0 pkginfo/1.7.0 requests/2.23.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.6

File hashes

Hashes for oauth_jaccount-0.1.5.tar.gz
Algorithm Hash digest
SHA256 82cc2f5eb313009ea8bda4ab97a4aa2b4bab87cdd6118bf1f1bc29d292951034
MD5 ca442fc605d3b3582de5f3dcd5ddd6dd
BLAKE2b-256 c5d46e04b30c8378a9d8846441055dced6cc6076ee4b83432809ee993fe94b10

See more details on using hashes here.

File details

Details for the file oauth_jaccount-0.1.5-py3-none-any.whl.

File metadata

  • Download URL: oauth_jaccount-0.1.5-py3-none-any.whl
  • Upload date:
  • Size: 4.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.5.0 pkginfo/1.7.0 requests/2.23.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.6

File hashes

Hashes for oauth_jaccount-0.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 e2ff4aa9d4d3468318b8cb7474fdd156b21a1934f8b23a9d6972eed33717765d
MD5 a6972a2436aafb106032aa03727b9053
BLAKE2b-256 3214ab1d513c5b1c6a9496c2d64b4e8a18a51aad97f9d03e58d413a92fdde796

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page